CN110890976B - Dynamic intention guarantee method and device in computer network and storage medium - Google Patents

Dynamic intention guarantee method and device in computer network and storage medium Download PDF

Info

Publication number
CN110890976B
CN110890976B CN201910545102.4A CN201910545102A CN110890976B CN 110890976 B CN110890976 B CN 110890976B CN 201910545102 A CN201910545102 A CN 201910545102A CN 110890976 B CN110890976 B CN 110890976B
Authority
CN
China
Prior art keywords
resource
service
resources
level configuration
configuration data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910545102.4A
Other languages
Chinese (zh)
Other versions
CN110890976A (en
Inventor
钱德拉塞克哈尔·A
尼尔摩尔·安布罗斯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Juniper Networks Inc
Original Assignee
Juniper Networks Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Juniper Networks Inc filed Critical Juniper Networks Inc
Priority to CN202210901501.1A priority Critical patent/CN115250223A/en
Publication of CN110890976A publication Critical patent/CN110890976A/en
Application granted granted Critical
Publication of CN110890976B publication Critical patent/CN110890976B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5003Managing SLA; Interaction between SLA and QoS
    • H04L41/5019Ensuring fulfilment of SLA
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0876Aspects of the degree of configuration automation
    • H04L41/0886Fully automatic configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5041Network service management, e.g. ensuring proper service fulfilment according to agreements characterised by the time relationship between creation and deployment of a service
    • H04L41/5054Automatic deployment of services triggered by the service manager, e.g. service implementation by automatic configuration of network components

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

Provided are a dynamic intention guaranteeing method and apparatus in a computer network, and a storage medium. An apparatus comprising a processor, memory, and an interface may perform these techniques. The processor may obtain a policy that includes high-level configuration data defining a service to be deployed within the network, the high-level configuration data including resource selection criteria that identifies one or more criteria for selecting a resource from a plurality of potential resources to support the service. The processor may also determine resources from the plurality of potential resources that support the service based on resource selection criteria and convert the high-level configuration data into low-level configuration data specific to the determined resources. The memory may store low-level configuration data specific to the determined resource. The interface may enable configuration of the determined resource using low-level configuration data specific to the determined resource when providing the service.

Description

Dynamic intention guarantee method and device in computer network and storage medium
Technical Field
The present disclosure relates to computer networks, and more particularly, to management of network devices.
Background
The network device may include a mechanism for configuring the device locally or remotely, such as a management interface. By interacting with the management interface, the client may perform configuration tasks and execute operational commands to collect and view operational data of the managed device. For example, the client may configure an interface card of the device, adjust parameters of the supported network protocol, specify physical components within the device, modify routing information maintained by the router, access software modules and other resources residing on the device, and perform other configuration tasks. In addition, the client may allow the user to view current operating parameters, system logs, information related to network connections, network activity or other status information from the device, and to view and react to event information received from the device.
The network configuration service may be performed by a number of different devices, such as routers with service cards and/or dedicated service devices. Such services include connectivity services, such as layer three virtual private network (L3VPN), virtual private local area network service (VPLS), and peer-to-peer (P2P) services. Other services include network configuration services such as, for example, Dot1q Virtual Local Area Network (VLAN) services. To configure a device to perform a service, a user (e.g., an administrator) may write a conversion program that converts high-level configuration instructions (e.g., instructions according to a network service model) into low-level configuration instructions (e.g., instructions according to a device configuration model). As part of configuring service support, a user/administrator may provision service models and mappings between service models to device configuration models.
To simplify the mapping definition for the user, a Network Management System (NMS) device may be designed to provide the ability to define the mapping in a simple manner. For example, some NMS devices provide for the use of speed templates and/or extensible stylesheet language transformations (XSLT). Such a translator contains translation or mapping logic from a high-level service model to a low-level device configuration model. In general, a smaller number of changes in the advanced service model may affect a larger number of attributes in the device configuration. Different translators may be used when creating, updating and deleting services from the advanced service model.
One or more policies may specify the high-level service model as intent (intent). For example, a policy may identify a second tier peer (L2P2P) service between two endpoints as an intent. The administrator may then specify which available network devices in the computer network support the policy-defined L2P2P service. The NMS may then provide the L2P2P service within the computer network via the specified network device.
Disclosure of Invention
In general, this disclosure describes techniques for dynamically (e.g., automatically) providing and managing intents set forth by policies for managing computer networks. When processing intent, these techniques may enable a Network Management System (NMS) or other device provisioning system to obtain resource selection criteria (which may also be referred to as "filters") defined using an extensible command set. The NMS may automatically identify one or more resources to be configured to support the network server using the resource selection criteria.
The NMS may maintain a resource database and provide an interface through which to collect and update the various resources and the current state of each resource. A resource may refer to a device, an interface, a port unit, etc. The various resources may report the current status to the NMS (and/or the NMS may poll the resources to obtain the current status), where the NMS may update a database to maintain the current status of each resource. The NMS may select resources based on the resource selection criteria and provide the network service through the selected resources, thereby automatically providing the intent.
The NMS may obtain the update status of the resource and compare the update status of the resource to the resource selection criteria to determine whether the intent has degraded. When the resource no longer satisfies the resource selection criteria, the NMS may downgrade the intent and identify another resource (which may be referred to as an alternate resource) to replace the insufficient resource. The NMS may then provision the service using the alternate resources, providing intent guarantees, which may represent maintenance or otherwise managing intent to ensure an appropriate service level for the network service.
In one example, various aspects of the technology relate to a method comprising: obtaining, by a management apparatus, a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service; determining, by the management device, a resource supporting the service from the plurality of potential resources based on the resource selection criteria; converting, by the management device, the high-level configuration data into low-level configuration data specific to the determined resource; and configuring, by the management device, the determined resource using low-level configuration data specific to the determined resource when providing the service in the network.
In another example, aspects of the technology relate to an apparatus comprising: one or more processors configured to: obtaining a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service; determining resources from the plurality of potential resources that support the service based on resource selection criteria; converting the high-level configuration data into low-level configuration data specific to the determined resource; a memory configured to store low-level configuration data specific to the determined resource; and an interface through which the determined resource is configured using low-level configuration data specific to the determined resource when providing the service in the network.
In another example, aspects of the technology relate to a non-transitory computer-readable storage medium having instructions stored thereon that, when executed, cause one or more processors of a management apparatus to: obtaining a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service; determining resources from the plurality of potential resources that support the service based on resource selection criteria; converting the high-level configuration data into low-level configuration data specific to the determined resource; and configuring the determined resources using low-level configuration data specific to the determined resources when provisioning the service in the network.
The details of one or more examples of the techniques of this disclosure are set forth in the accompanying drawings and the description below. Other features, objects, and advantages of the techniques will be apparent from the description and drawings.
Drawings
Fig. 1 is a block diagram illustrating an example network including elements of an enterprise network managed using a management device in accordance with various aspects of the technology described in this disclosure;
FIG. 2 is a block diagram illustrating an example set of components for the management device of FIG. 1;
FIG. 3 is a block diagram illustrating the management module shown in FIG. 2 in greater detail;
FIG. 4 is a flow diagram illustrating resource allocation in accordance with various aspects of the technology described in this disclosure;
fig. 5 is a flow diagram illustrating example operations of the management system shown in fig. 1-3 in performing aspects of the automatic intent provisioning techniques described in this disclosure.
Like reference numerals refer to like elements throughout the drawings and the description.
Detailed Description
Fig. 1 is a block diagram illustrating an example of elements comprising an enterprise network 2 managed using a management apparatus 10. Managed elements 14A-14G (collectively, "elements 14") of enterprise network 2 include network devices interconnected via communication links to form a communication topology to exchange resources and information. The elements 14 (also commonly referred to as network devices or remote network devices) may include, for example, routers, switches, gateways, bridges, hubs, servers, firewalls or other Intrusion Detection Systems (IDS) or Intrusion Detection and Prevention (IDP) systems, computing devices, computing terminals, printers, other network devices, or a combination of these devices. Although described in this disclosure as transporting, transmitting, or otherwise supporting data packets, enterprise network 2 may transport data in accordance with any other discrete data units defined by any other protocol, such as, for example, units defined by the Asynchronous Transfer Mode (ATM) protocol or datagrams defined by the User Datagram Protocol (UDP). The communication link interconnecting the elements 14 may be a physical link (e.g., an optical link, a copper link, etc.), a wireless link, or any combination thereof.
Enterprise network 2 is shown coupled to a public network 18 (e.g., the internet) via a communication link. Public network 18 may include, for example, one or more client computing devices. Public network 18 may provide access to network servers, application servers, public databases, media servers, end-user devices, and other types of network resource devices and content.
Management device 10 is communicatively coupled to element 14 via enterprise network 2. In some examples, the management device 10 forms part of a device management system, although for purposes of example, only one device of the device management system is shown in fig. 1. The management device 10 may be directly or indirectly coupled to the various elements 14. Once the elements 14 are deployed and activated, the administrator 12 uses the management device 10 to manage network devices using device management protocols. One example device protocol is the Simple Network Management Protocol (SNMP), which allows the management device 10 to traverse and modify a Management Information Base (MIB) that stores configuration data within each managed element 14. Further details of the SNMP Protocol can be found in RFC3411 "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks" available from Harrington et al, http:// tools, ietf. org/html/RFC3411, the Network working group, draft Internet engineering task force, month 12 2002, the entire contents of which are incorporated herein by reference.
In some cases, the management device 10 (also referred to as a Network Management System (NMS)10 or NMS device 10) and the elements 14 are centrally maintained by an IT group of an enterprise. An administrator 12 interacts with the management apparatus 10 to remotely monitor and configure the elements 14. For example, administrator 12 may receive alerts from management device 10 regarding any of elements 14, view configuration data for elements 14, modify configuration data for elements 14, add new network devices to enterprise network 2, remove existing network devices from enterprise network 2, or otherwise manipulate enterprise network 2 and the network devices therein. Although described with respect to enterprise networks for purposes of example, the techniques of this disclosure are applicable to other types of public and private networks, including LANs, VLANs, VPNs, and the like.
In some examples, administrator 12 interacts directly with element 14 using management device 10 or a local workstation, e.g., through a telnet, Secure Shell (SSH), or other such communication session. That is, the element 14 typically provides an interface for direct interaction, such as a Command Line Interface (CLI), a web-based interface, a Graphical User Interface (GUI), or the like, through which a user can interact with the device to directly issue text-based commands. For example, these interfaces typically allow a user to interact directly with the device, e.g., through a telnet, SSH, hypertext transfer protocol (HTTP), or other network session, to enter text according to a defined syntax to submit commands to the managed element. In some examples, a user initiates an SSH session 15 with one element 14 (i.e., element 14F in the example of fig. 1) using the management device 10 to directly configure the element 14F. In this manner, a user may provide commands in the format of the direct execution element 14.
In addition, administrator 12 may also create scripts that may be submitted by management device 10 to any or all of elements 14. For example, in addition to the CLI interface, the element 14 also provides a scripting interface for receiving commands specified according to a scripting language. In a sense, the script may be output by the management device 10 to automatically invoke a corresponding Remote Procedure Call (RPC) on the managed element 14. The script may conform to, for example, an extensible markup language (XML) or another data description language.
Administrator 12 uses management device 10 to configure elements 14 to specify certain operational characteristics that promote the goals of administrator 12. For example, the administrator 12 may specify a particular operational policy for one element 14 with respect to security, device accessibility, traffic engineering, quality of service (QoS), Network Address Translation (NAT), packet filtering, packet forwarding, rate limiting, or other policies. The management device 10 performs configuration using one or more network management protocols designed to manage configuration data within the managed network elements 14, such as the SNMP protocol or the network configuration protocol (NETCONF) protocol or derivatives thereof, such as the Juniper device management interface. Typically, NETCONF provides a mechanism for configuring network devices and uses extensible markup language (XML) based data encoding for configuration data, which may include policy data. NETCONF is described in the "NETCONF Configuration Protocol" of ens, available from tools, ietf, org, html, RFC4741, network working group, RFC4741, month 12 2006. The management device 10 may establish a NETCONF session with one or more elements 14.
The management device 10 may be configured to compare the new set of high-level configuration data with the existing (or old) set of high-level configuration data and apply a conversion function to the differences between the new high-level configuration data and the old high-level configuration data. Specifically, the management device 10 determines whether the new set of configuration data includes any additional configuration parameters relative to the old set of high-level configuration data, and whether the new set of configuration data omits any configuration parameters included in the old set of high-level configuration data.
In other words, the number of types of managed devices (e.g., types of elements 14) is represented by N, and the variable isy represents low-level, device-specific configuration data, and variable x represents high-level configuration data. The management device 10 comprises N conversion functions f 1 ()、f 2 ()、…f N (). These functions are configured to accept high-level Configuration Data (which may be expressed as structured input parameters, e.g., according to YANG), which is described in "YANG-A Data Modeling Language for the Network Configuration Protocol (NETCONF)", available at tools, ietf. org/html/RFC6020, Internet engineering task force, RFC6020, month 10 2010. The functions are also configured to output respective sets of low-level device configuration data changes, e.g., additions and removals of device configurations. I.e. y 1 =f 1 (x),y 2 =f 2 (x),…y N =f N (x) In that respect Additional details regarding an example process of converting high-LEVEL CONFIGURATION information (or, in other words, high-LEVEL CONFIGURATION data) into LOW-LEVEL device CONFIGURATION information (or, in other words, LOW-LEVEL CONFIGURATION data) may be found in, for example, U.S. patent application No.15/198,657, filed by Jiang et al on 30/6/2016, "converting high-LEVEL CONFIGURATION INSTRUCTIONS into LOW-LEVEL device CONFIGURATIONs" (TRANSLATING HIGH-LEVEL CONFIGURATION information TO LOW-LEVEL DEVICE CONFIGURATION), the entire contents of which are incorporated herein by reference.
The management device 10 may be used in the context of a Software Defined Network (SDN), where the management device 10 may coordinate service deployment or provisioning within the managed elements 14. Administrator 12 may define one or more policies that may specify a high-level service model as generally identifying the intent of a network service.
For example, the policy may include an intent to identify a second tier peer (L2P2P) service and designate the service as "L2P 2P service between endpoints. In other words, the policy may identify the L2PSP service and the intent as "L2P 2P service between endpoints". The management appliance 10 may compile the intent and identify endpoints from the intent, specifying how the L2P2P service is to be deployed. Administrator 12 may then specify which available network devices (e.g., elements 14) within computer network 2 will support the L2P2P service defined by the policy (e.g., by defining various criteria for selecting which available network devices to support the L2P2P service, as discussed in more detail below). The management device 10 may then translate the high-level service model into a low-level service model specific to the selected element 14 and deploy the low-level service model to provision the L2P2P service within the computer network 2 via the specified network device 14.
In accordance with various aspects of the techniques described in this disclosure, the management device 10 may automatically provision and manage intents resulting from policies for managing the computer network 2. When processing the intent, these techniques may enable the management device 10 or other device provisioning system to obtain resource selection criteria (which may also be referred to as "filters") defined using an extensible command set. The management device 10 may automatically identify one or more resources to be configured to support the network service identified by the intent using the resource selection criteria.
The management device 10 may maintain a resource database and provide an interface through which to collect and update the various resources and the current status of each resource. A resource may refer to a device (e.g., element 14) or some component of a device, such as an interface, a port, a processing unit of a port, etc. The various resources may report status data to the management device 10 indicating the current status of the resources (and/or the management device 10 may poll the resources to obtain status data), wherein the management device 10 may update a database to store the status data to maintain the current status of each resource. The management apparatus 10 may automatically (meaning without human intervention in some examples) select a resource based on applying resource selection criteria to the status data, and configure the selected resource to automatically (meaning without human intervention in some examples) provision the intent when provisioning the network service identified by the intent in the network 2.
The management device 10 may obtain update status data indicating the update status of the resource, compare the update status data from the resource to the resource selection criteria to determine whether the intent has degraded. When the update status data of the previously configured resource no longer meets the resource selection criteria, the management device 10 may downgrade the intent and identify another resource (which may be referred to as a replacement resource) to replace the insufficient resource. The management device 10 may identify the replacement resource by again applying the resource selection criteria to the updated status data. When re-provisioning services within the network 2, the management device 10 may then configure the replacement resources to provide an intent guarantee, which may represent maintaining or otherwise managing the intent to ensure an appropriate service level for the intent.
In some examples, the management device 10 may use YANG modeling to define high-level configuration data according to intent and convert the high-level configuration data to low-level device configuration data specific to the selected resource. Modern systems may support an intent to simplify network management, where the intent may be declarative. To achieve the intent, the management system 10 may select the best resource (in the context of resource selection criteria). The techniques set forth in this disclosure may define methods that attempt to compile extensibility/programmability of intent models and resource selection.
When administrator 12 submits intent in the form of a policy, management system 10 may select a resource in intent compilation and generate low-level configuration data specific to the selected resource, thereby allowing programmatic definition of resource selection criteria. The management device 10 may automatically register the selected resource status change to provide an assurance (authority)/closed loop control as described above. For example, when intent is downgraded, the management system 10 may select the correct replacement resource and generate low-level configuration data specific to the replacement resource to programmatically define intent guarantee logic.
FIG. 2 is a block diagram illustrating an example set of components of the management device of FIG. 1. In this example, the management device 10 includes a control unit 22, a network interface 34, and a user interface 36. Network interface 34 represents an example interface that may communicatively couple management device 10 to an external device (e.g., one of elements 14 of FIG. 1). Network interface 34 may represent a wireless and/or wired interface, such as an Ethernet interface or a radio configured to communicate according to a wireless standard, such as one or more IEEE802.11 wireless networking protocols (e.g., 802.11a/b/g/n/ac or other such wireless protocols). In various examples, the management device 10 may include multiple network interfaces, although only one network interface is shown for purposes of example.
The control unit 22 represents any combination of hardware, software, and/or firmware for implementing the functionality attributed to the control unit 22 and its constituent modules and elements. When the control unit 22 includes software or firmware, the control unit 22 also includes any necessary hardware, e.g., one or more processors or processing units, for storing and executing the software or firmware. In general, the processing elements may include one or more microprocessors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs), or any other equivalent integrated or discrete logic circuitry, as well as any combinations of such components. Furthermore, the processing unit is typically implemented using fixed and/or programmable logic circuits.
User interface 36 represents one or more interfaces through which a user (e.g., administrator 12) (fig. 1) interacts with management apparatus 10, for example, to provide inputs and receive outputs. For example, the user interface 36 may represent one or more of a monitor, keyboard, mouse, touch screen, touch pad, speaker, camera, microphone, and the like. Further, although in this example, the management device 10 includes a user interface, it should be understood that the administrator 12 need not interact directly with the management device 10, but may remotely access the management device 10, e.g., via the network interface 34.
In this example, the control unit 22 includes a user interface module 38, a network interface module 32, and a management module 24. The control unit 22 executes a user interface module 38 to receive input from the user interface 36 and/or to provide output to the user interface 36. The control unit 22 also executes a network interface module 32 to send and receive data (e.g., data packets) via a network interface 34. The user interface module 38, the network interface module 32, and the management module 24 may again be implemented as respective hardware units, or in a combination of software (including firmware and/or middleware) and hardware (e.g., a processor).
Control unit 22 executes management module 24 to manage various network devices, such as elements 14 of fig. 1. Management includes, for example, configuring network devices according to instructions received from a user (e.g., administrator 12 of fig. 1) and providing the user with the ability to submit instructions to configure the network devices. In this example, management module 24 also includes a configuration module 26 and a translation module 28.
Management module 24 is configured to receive high-level configuration instructions or other high-level configuration data for a set of managed network devices from a user (e.g., administrator 12). Over time, the user may update the configuration instructions, for example, adding new intents, removing existing intents, or modifying existing intents performed by the managed device. The high-level configuration instructions may be constructed according to, for example, Yet Another Next Generation (YANG) data modeling language. In some examples, management module 24 also provides the user with the ability to submit translation functions performed by translation module 28 to translate high-level configuration instructions into device-specific low-level configuration instructions or other low-level configuration data, as described below.
The management device 10 also comprises a configuration database 40. Configuration database 40 typically includes information describing the network devices (e.g., elements 14) being managed. For example, the configuration database 40 may include information indicating device identifiers (e.g., Media Access Control (MAC) and/or Internet Protocol (IP) addresses), device types, device vendors, device classes (e.g., routers, switches, bridges, hubs, etc.), and so forth. The configuration database 40 also stores current configuration information (e.g., high level configuration information, or in some cases, high level configuration and low level configuration information) for the managed devices (e.g., elements 14).
The translation module 28 determines which devices are managed using the configuration database 40. The translation module 28 determines which translation function 30 is performed on the high-level configuration instructions, e.g., which device is to receive the low-level configuration instructions, based on the information of the configuration database 40. Translation module 28 then performs each determined translation function of translation functions 30, provides high-level configuration instructions as input to the translation functions, and receives low-level configuration instructions.
Configuration module 26 may first determine an existing set of high-level configuration information for each service executed by the device to be configured updated, for example, by retrieving the existing set of high-level configuration information for each service from configuration database 40. Configuration module 26 may then compare the existing set of high-level configuration information with the newly received set of high-level configuration information and determine the differences between the existing and newly received sets of high-level configuration information. Configuration module 26 may then pass information indicative of these differences to conversion module 28 for conversion into corresponding sets of low-level configuration information. The configuration module 26 also updates existing high-level configuration information recorded in the configuration database 40 based on the newly received set of high-level configuration information.
The translation module 28 may generate two different types of translation functions 30, referred to above as forward mapping and reverse mapping. In the example of fig. 2, the forward map is denoted as "FM 50" and the reverse map is denoted as "RM 52". Translation module 28 may automatically generate RMs 52 from corresponding forwarding maps 50 using translation scripts defined according to a translation language (not shown in the example of fig. 2 for ease of illustration), as described in more detail in incorporated U.S. patent application No.15/198,657.
As further shown in the example of FIG. 2, management module 24 also includes a resource manager module 60 and an analysis module 62. Resource manager module 60 may represent a module configured to identify one or more resources based on resource selection criteria 59. That is, configuration module 26 may receive policies that include high-level configuration data that identifies one or more intents (which, in some examples, are declarative) that specify network services to be provisioned within network 2. Configuration module 26 may provide intent to translation module 28, and translation module 28 may compile the intent into low-level configuration data specific to a particular component 14. For compilation purposes, translation module 28 may extract resource selection criteria 59 from the high-level configuration data and provide resource selection criteria 59 to resource manager module 60.
Resource manager module 60 may maintain an inventory of available resources that is updated through interaction with analysis module 62. Analysis module 62 may represent a module configured to interface with element 14 via network interface module 32 and network interface 34 in order to obtain telemetry data. As further shown in the example of fig. 2, the management device 10 may further include a telemetry database 70 that stores telemetry data obtained from the elements 14. Resource manager module 62 may request that analysis module 62 provide different types of telemetry data that is stored to telemetry database 70. Telemetry data may include any data describing the state of element 14, including the number of packets sent, the number of packets received, the role, the number of sessions, latency, the number of packets dropped, the ability to support a particular routing or other network protocol, etc.
Resource manager module 60 may request a particular type of telemetry data (which represents the status of element 14 and may therefore also be referred to as "status data") based on resource selection criteria 59. That is, as one example, when resource selection criteria 59 indicates that resources with less than 1000 BGP sessions are needed to support the intent, resource manager module 62 may request multiple active BGP sessions for element 14. As another example, when resource selection criteria 59 indicates that a minimum latency is required to support the intent, resource manager module 62 may request a latency metric for element 15.
Analysis module 62 may receive the request from resource manager module 60 and access telemetry database 70 to retrieve the requested telemetry data. Analysis module 62 may provide the requested telemetry data as telemetry data 63. Resource manager module 60 may then apply resource selection criteria 59 to telemetry data 63 in order to identify which resources will be used to support the intent (in other words, declare which services will be provisioned). Resource manager module 60 may interface with translation module 28 to provide the identified resources. Translation module 28 may then identify one or more forwarding maps 50 associated with the identified resources and apply the identified one or more forwarding maps 50 to the high-level configuration data to obtain low-level configuration data specific to the identified one or more resources.
Conversion module 28 may interface with configuration module 26 to provide low-level configuration data and an indication of which element 14 the low-level configuration data is to be applied to. Configuration module 26 may then interface with the identified elements 14 to configure the determined resources using low-level configuration data specific to the determined resources when provisioning services in network 2.
Analysis module 62 may periodically poll (or otherwise obtain) updated status data in the form of updated telemetry data, which analysis module 62 may store in telemetry database 70. In response to receiving the updated telemetry data, analysis module 62 may interface with resource manager module 60 to indicate that updated telemetry data has been obtained. In some examples, telemetry database 70 may include functionality to enable resource manager module 60 to subscribe to particular telemetry data, thereby enabling resource manager module 60 to automatically receive an indication when the subscribed telemetry data has been updated. Further, although described in terms of periodic polling, the analysis module 62 may obtain updated telemetry data in other manners, such as through a push model in which the element 14 is configured to provide updated telemetry data in response to any change, or any change that exceeds a certain threshold amount of change, and so forth.
In any event, the resource manager module 60 may determine whether the determined resource will continue to support the service based on the update status data 63 identifying the update status (or, in other words, the status) and the resource selection criteria 59. In response to determining that the determined resources will continue to support the service, resource manager module 60 may refrain from adjusting or readjusting the provisioned service. Resource manager module 60 may determine, in response to determining that the determined resource no longer continues to support the service, an alternate resource to support the service based on resource selection criteria 59 and updated status data 63. Resource manager module 60 may interface with translation module 28 to initiate translation of high-level configuration data to low-level configuration data specific to the determined alternate resource. Translation module 28 may provide configuration module 26 with low-level configuration data specific to the determined alternate resource, and configuration module 26 may interface with the determined alternate resource to configure the determined alternate resource with the low-level configuration data specific to the determined alternate resource when re-provisioning services in network 2.
FIG. 3 is a block diagram illustrating the management module shown in FIG. 2 in greater detail. As shown in the example of fig. 3, configuration module 26 includes an intent layer module 100 and an element configuration module ("element configuration module") 102. The intent layer module 100 may manage the intents specified in one or more policies. Although not shown in the example of FIG. 3, the intent layer module 100 may store the intent in an intent database or other data structure. The intent layer module 100 can manage the process of translating intent from high-level configuration data 101 to low-level configuration data 105. The element configuration module 102 may represent a module configured to configure elements 14 using low-level configuration data 105 specific to a particular element 14.
As further shown in the example of fig. 3, translation module 28 may include an intent compiler module 104, which may represent a unit configured to translate high-level configuration data 101 (representing one or more intents) into low-level configuration data 105. During the conversion of high-level configuration data 101 to low-level configuration data 105, intent compiler module 104 may identify resource selection criteria 59 (which may be specified as a resource matching filter in forwarding map 50). In other words, administrator 12 may define resource selection criteria 59 in the conversion logic (e.g., forwarding map 50) that intent compiler module 104 may parse from forwarding map 50.
As further shown in the example of fig. 3, the resource manager module 60 includes a resource selection module 106 and an inventory manager module 108. Resource selection module 106 may represent a module configured to select one or more resources 107 based on resource selection criteria 59. Intent compiler module 104 may obtain resource selection criteria 59 from forwarding map 50 and invoke resource selection module 106 to pass resource selection criteria 59 to resource selection module 106. The resource selection module 106 may then invoke the inventory manager module 108, and the inventory manager module 108 may represent a unit configured to discover resources within the network 2 and maintain resources, such as resource inventory, the status of which is updated based on telemetry data stored to the telemetry database 70.
The inventory manager module 108 may discover resources (which may include resources and resource pools) from a device schema. The device architecture may include a "resource extension," which may represent a resource, an example of which is as follows.
Figure BDA0002103697130000111
In the above, "resource" refers to an extension that defines an element as a resource, and "resource-key" may allow for a hierarchical definition of a resource. For example, an apparatus may include one or more "port" resources. Each port resource may include one or more "cell" resources. In some cases, the device architecture may provide a way to specify a range of resource units in a given context. The resource key may represent a parent resource critical path. In some examples, the resource is a simple value. Furthermore, when the device id is a key of an interface name resource, the same interface name on the device may not be assigned to both services. The resource key may be optional.
Further, "resource-type" may represent a resource type. There may be multiple resource types (e.g., L2 resources, L3 overlay resources, etc.). The resource type may be optional (e.g., "virtual circuit" is "L3 override resource"). A "load-factor" may refer to an extension that is capable of deriving a load on a resource. The load factor may comprise a "metric" path and a "weight", wherein the weight is applied to the identified metric to obtain the load. "resource-metrics" extension refers to an operational state (or, in other words, state) metric.
The device architecture may also define complex resource metrics. For example, there may be resource metrics derived on different endpoints. For example, a virtual circuit is a network-wide "point-to-point" overlay structure. The resource metric will be derived from both endpoints. The metrics may include, for example, received packets and transmitted packets (rx-pps, tx-pps). In this example, one endpoint's rx-pps may be derived from other endpoints "packets sent".
The following extensions may be used to represent complex metrics.
Figure BDA0002103697130000121
By default, the management system 10 may define an "equals" (equator) "resource consolidation policy," where the resource consolidation policy may specify how to consolidate resources. Equatorial consolidation rules may map resources when the resource keys are the same. The device architecture may allow for the definition of customized merging rules that may be used to compare resources to identify which instances may be merged to derive complex metrics, an example of which is as follows.
Figure BDA0002103697130000122
Figure BDA0002103697130000131
The device architecture may also enable resource pool discovery, where there may be a resource pool in context. For example, consider an interface that contains the resources of units 1-4094. The YANG elements that define the "scope" are the resource pool.
To fill the inventory, the inventory manager module 108 may traverse the device architecture according to the following pseudo code:
for each Yang element in the element configuration architecture
If there is a resource extension
Then use
Resource key
Pool-if YANG element defines a range
Load factor key and weight
Custom metrics
To create a resource type.
The resource selection module 106 may ensure resource persistence and obtain the next available resource in an efficient manner, as follows:
the resource manager allocates resources centrally to the intents/services; and is provided with
The resource manager should allocate resources in near real time.
The previous examples are as follows:
in the case of service provider deployment, resources are specified as follows:
devices (PE, CE terminals);
an interface;
the unit interfaces-ge-0/0/1 through-ge-0/0/48 of each physical interface.
This has two aspects:
how to efficiently store resources in a database;
if the cells are 1 to 4094, the system should not add all entries in the database because there are many ports, each of which may have 1 to 4094 cells.
The problem then becomes how to get the next available resource in an efficient way, which can be solved by the following example algorithm. While bitmaps can be used to identify the next resource, the use of bitmaps can introduce performance bottlenecks. In some examples, the techniques set forth in this disclosure may follow a commit log type of data structure in which allocated resources are reserved. When there is a next resource request, the resource queue in memory gives the next available resource. After the queue reload, the individual thread will continue to clear the queue in the bitmap. Resource manager module 60 may maintain the allocated resources in the following database tables.
A memory data structure:
resource queue-maintain the first "n" available resources;
a resource memory table: resources, allocated services.
A database:
resource table: resource, allocated service
Resource log table: resource id, acquisition/release status
Resource bit map table: parent resource id, resource type, resource bitmap
Resource manager module 60 may use bitmaps in the database to track "used resources" and "available resources" and provide effective persistence of resource usage information in the database. However, the above steps will serialize the "resource allocation". To avoid serialization, in some examples, the resource manager module 60 may perform according to the following steps, which are shown in more detail in fig. 4. Fig. 4 is a flow diagram illustrating resource allocation in accordance with various aspects of the technology described in this disclosure.
The first N available resources (sorted based on load) and the in-memory usage status are buffered in a resource queue (200).
A "resource log" table is introduced to support hardware failures.
If the resource manager allocates a resource to the service (202), it is added to the resource log table (204).
Based on a certain threshold (number of resource allocation entries), the caches are flushed to the "resource table" and "resource bitmap" tables (206, 208).
In the event of a hardware failure, an entry is read from the resource log table and the "resource table" and "resource bitmap" tables are updated (200).
Returning to the example of fig. 3, in some examples, multiple services may run on the same resource, e.g., multiple L3 VPNs may use the same interface sub-resource (unit interface). In this way, the resource manager module 60 may predict utilization of resources such that a service will migrate to a different resource before the service fails to meet a Service Level Agreement (SLA) due to network congestion or other reasons. The resource prediction comprises the following steps:
identifying a state attribute corresponding to the resource;
a sample of a preconfigured sample size (>30) is created.
Now, a confidence interval (confidence interval) is calculated from the mean value of the parameters.
The sample interval is m (+ or-) (z × s/sqrt (n)), where m denotes the average value of the current sample, s denotes the standard deviation, and n denotes the sample size.
Here, z is calculated from the confidence (preconfigured)%. For example: for 95% confidence interval, z is 1.96 (95% by default).
To illustrate, consider the following example:
the incoming traffic percentage of the interface is the parameter to be predicted. For ease of explanation, it is assumed that the interface resources depend on this parameter.
The analysis module 62 may periodically poll the interface utilization parameters (i.e., the analysis module 62 includes a telemetry collection module 112, which represents a module configured to poll the elements 14 to collect the parameters or (in other words) metrics), and group samples of size 30 parameters (i.e., the analysis module includes an aggregation module 110, which represents a module configured to aggregate different parameters or (in other words) metrics), and calculate a mean and standard deviation (by the aggregation module 110) for each sample.
If the calculated average is greater than the upper limit of the confidence interval, the resource selection module 106 determines an alternate resource and migrates one or more services supported by the original resource to the alternate resource. Similarly, when the average is below the confidence interval range, the resource manager module 60 may select resources that support more services.
The resource manager module 60 may track any fluctuations in migration and trends and suggest to the user to optimize the sample size and confidence interval constant (confidence percentage).
In this manner, the inventory manager module 108 may discover resources within the network 2 and maintain inventory (e.g., in an inventory database). Resource selection module 106 may then identify resources that meet or exceed resource selection criteria 59. In some cases, the inventory manager module 108 may apply the above-described weights to the respective resource metrics to obtain the respective resource loads. The inventory manager module 108 may then provide the resource load to the resource selection module 106, and the resource selection module 106 may determine the resources to support the service based on applying the resource selection criteria 59 to the resource load.
Resource selection module 106 may obtain resource selection criteria from the resource selection query. Resource manager module 106 can allocate optimized resources (in terms of meeting or exceeding resource selection criteria 59) as part of intent translation (e.g., high-level configuration data 101). The resource selection query follows a filter syntax, where the sample data model and corresponding resource selection are shown below as one example.
Figure BDA0002103697130000151
Figure BDA0002103697130000161
In the above example, a "site" vertex refers to a number of devices, where a leaf device has a device role ("devicerole") attribute.
Upon population, the resource selection criteria follow the data model described above, as shown in the following example.
Figure BDA0002103697130000162
The instructions provide an example method for describing alternate runtime execution (alternate runtime execution) and type verification behavior in a graphical query language ("GraphQL") document. The "resource" instruction may indicate that the resolved variable is a resource. The resource instructions may employ alias tags for the resources, as shown below.
Defining:
Resource“<resourcealias>”
turning to the optimization expressions and parameters used in the resource selection query, optimization decision variables may be specified in the parameters of the "resource" instruction attributes. Resource selection module 106 may derive the following optimization decision variables from the query:
a decision variable;
a target; and
constraint
The target bounds and constraints may be specified as "optimization expressions," an example syntax of which is provided below:
and (4) optimizing functions: optimization (objective, constraint);
target: minimum, maximum, average;
constraint/bound: a constraint of resource metrics- < ═ or > -or.
In this manner, the resource selection module 106 may obtain the resource selection criteria 59 and apply the resource selection criteria 59 to the resource obtained from the inventory manager module 108, thereby obtaining the resource 107 that will support the service. Intent compiler module 104 can then proceed to convert high-level configuration data 101 into low-level configuration data 105 that is specific to resource 107. The intent layer module 100 may pass low-level configuration data 105 to the element configuration module 102 and the element configuration module 102, including resources 107, may interface with the element 14 to configure the element 14 using the low-level configuration data 105 to support the service within the network 2.
To illustrate how the resource manager derives optimization constraints and goals, consider the following example.
Figure BDA0002103697130000171
In the above resource selection query, the device resources include:
precision variables-latency, bgp-session-count;
target: a minimum delay;
constraint: bgp-session-count < 1000.
The foregoing may be represented by the following pseudo code:
for each element in the resource selection query:
calling a 'resolver' and acquiring a matched object// resolver is a function for acquiring a matched object in the Graph QL;
fill in "resource selection criteria"// is specified as a parameter in each element of the query;
if there is a "resource instruction", then
Reading the alias of the resource;
reading an optimization decision variable;
running optimization and selecting resources;
allocating resources to the aliases;
interfacing with an inventory module;
a notification of "resource selection criteria" is registered.
As described above, resource manager module 60 may invoke analysis module 62 to obtain telemetry data (representing status data), which may result in various changes to the resource. For example, assume that a PE role change of a device requires allocation of new resources for the intent. The following pseudo code illustrates what happens when inventory (e.g., component status data) changes in a polling-based model.
For each change in inventory:
checking whether the change matches a resource criterion;
new resources are selected and applied to the intent.
Interface with the analysis node to
Enabling monitoring of a desired attribute on a resource;
the metrics from the analysis nodes are listened to over the message bus.
Events on the analysis node are configured against a threshold.
Threshold crossing events are listened to and an optimization module is run.
The following provides pseudo-code for obtaining resource updates in a subscription-based model:
for each element in the resource selection query,
if there is a "resource direct" (resource instruction), then
Reading an optimization decision variable;
a threshold of subscription constraints;
a listening target metric.
Resource constraint semantics can appear in the intent data model, which can be specified in the resource mapping constraints.
Some use cases are:
the L3VPN should only have MPLS-capable devices;
a loopback address port should be used.
These resource constraints can be modeled in Yang using a leaf ref that references the resource.
The resource filter follows the filter query syntax, as shown in the following example:
Figure BDA0002103697130000181
in some cases, the resource constraints may be based on context. The service model may contain devices and interfaces. The interface may be based on the selected device. In these cases, the LEAFref path will contain the context as follows:
Figure BDA0002103697130000182
Figure BDA0002103697130000191
in the above example, the management appliance 10 may assist the administrator 12 in selecting an interface, where the administrator 12 may define a particular loopback address to select an interface, and the management appliance 10 may generate an appropriate configuration to configure the interface. In this regard, these techniques may allow for system-assisted user selection.
To define intent including automatic resource selection, administrator 12 may create an intent Yang data model and provide a conversion script along with a resource selection query. To illustrate, consider the following example:
intention: l2 point-to-point connection between "site-a" and "site-B" with guaranteed high bandwidth;
the intention is to achieve: as part of the "service layer intent implementation," the management system 10 may select PE devices with "less load" and configure "L2 circuits" between site-a and site-B.
In this example, administrator 12 may define the intent Yang data model as follows:
Figure BDA0002103697130000192
Figure BDA0002103697130000201
the intent translation script may include one or more of python code, a mapper, and a template, including a resource selection query. The following is an example of a mapper (the context and use of which is described in more detail in U.S. patent application serial No.15/198,657, incorporated above).
Figure BDA0002103697130000202
Figure BDA0002103697130000211
Fig. 5 is a flow diagram illustrating example operations of the management system shown in fig. 1-3 in performing aspects of the automated intent providing techniques described in this disclosure. The management device 10 may automatically provision and manage the intents set forth by the policies for managing the computer network 2.
As described above, when processing intent, these techniques may enable the management device 10 or other device provisioning system to obtain high-level configuration data 101, which includes resource selection criteria 59(300) defined using an extensible command set. The management device 10 may automatically identify one or more resources to be configured to support the network service identified by the intent using the resource selection criteria. In other words, the management apparatus 10 may determine, based on the resource selection criterion 59, the resource 107(302) that supports the service specified by the high-level configuration data. Management device 10 may then convert high-level configuration data 101 into low-level configuration data 105(304) that is specific to resource 107. When provisioning services in the network 2, the management apparatus 10 may configure the determined resources 107 using low-level configuration data 105 specific to the determined resources 107 (306).
This process may be repeated in response to a change in the state (or, in other words, state) of the element 14. That is, the management device 10 may maintain a resource database and provide an interface through which to collect and update the various resources and the current status of each resource. The various resources may report status data to the management device 10 indicating the current status of the resources (and/or the management device 10 may poll the resources to obtain status data), wherein the management device 10 may update a database to store the status data to maintain the current status of each resource. The management device 10 may select a resource based on applying resource selection criteria to the status data (302), perform a transition (304), and configure the selected resource when provisioning network services in the network 2 (306), thereby automatically provisioning the intent.
The management device 10 may obtain update status data indicating the update status of the resource, compare the update status data from the resource to the resource selection criteria to determine whether the intent has degraded. When the update status data of the previously configured resource no longer satisfies the resource selection criteria, the management device 10 may downgrade the intent and identify another resource (which may be referred to as an alternate resource) to replace the insufficient resource. The management device 10 may identify the replacement resource by again applying the resource selection criteria to the updated status data (302). The management device 10 may then perform the conversion (304) and, when the service is re-provisioned within the network 2, configure the replacement resource (306) to maintain or otherwise manage the intent to ensure the appropriate service level for the intent.
In addition to or as an alternative to the foregoing, the following examples are described. Features described in any of the examples below may be used with any of the other examples described herein.
Example 1. a method, comprising: obtaining, by a management apparatus, a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service; based on the resource selection criteria, the management device determines resources from the plurality of potential resources that support the service; converting, by the management device, the high-level configuration data into low-level configuration data specific to the determined resource; and configuring, by the management device, the determined resource using low-level configuration data specific to the determined resource when provisioning the service in the network.
Example 2. the method of example 1, wherein the high-level configuration data includes an intent to specify a network service and includes resource selection criteria.
Example 3. the method of example 1, wherein determining the resource comprises automatically determining a resource from the plurality of potential resources without human intervention and based on the resource selection criteria.
Example 4. the method of example 1, wherein the high-level configuration data defines resource selection criteria using an extensible command set.
Example 5 the method of example 1, further comprising obtaining status data identifying a status of each of the plurality of potential resources, wherein determining resources comprises determining resources from the plurality of potential resources that support the service based on applying the resource selection criteria to the status data.
Example 6. the method of example 5, further comprising: obtaining update status data identifying an update status of each of the plurality of potential resources; determining whether the determined resource will continue to support the service based on the updated state data and the resource selection criteria; in response to determining that the determined resource does not continue to support the service, and based on the resource selection criteria and the updated status data, determining an alternate resource that supports the service; converting the high-level configuration data into low-level configuration data specific to the determined replacement resource; and configuring the determined replacement resource using low-level configuration data specific to the determined replacement resource when the service is re-provisioned in the network.
Example 7. the method of example 5, wherein the state data identifies one or more resource metrics and corresponding one or more weights defined using an extensible command set, wherein the resource metrics identify an operational state of a corresponding resource of the plurality of potential resources, and wherein determining a resource comprises: applying one or more weights to a respective one of the resource metrics to obtain one or more respective resource loads; and determining a resource of the plurality of potential resources that supports the service based on applying the resource selection criteria to the resource load.
Example 8 the method of example 1, further comprising determining a plurality of potential resources based on the device architecture.
Example 9. the method of example 1, wherein determining resources comprises: determining one or more of decision variables, goals, and constraints based on resource selection criteria; and applying one or more of the decision variables, goals, and constraints to the plurality of potential resources to determine resources to support the service.
Example 10. an apparatus, comprising: one or more processors configured to: obtaining a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service; determining resources from the plurality of potential resources that support the service based on resource selection criteria; converting the high-level configuration data into low-level configuration data specific to the determined resource; a memory configured to store low-level configuration data specific to the determined resource; and an interface through which the determined resources are configured using low-level configuration data specific to the determined resources when provisioning the service in the network.
Example 11 the apparatus of example 10, wherein the high-level configuration data includes an intent to specify a network service and includes resource selection criteria.
Example 12. the apparatus of example 10, wherein the one or more processors are configured to automatically determine, without human intervention and based on the resource selection criteria, a resource from the plurality of potential resources.
Example 13. the apparatus of example 10, wherein the high-level configuration data defines resource selection criteria using an extensible command set.
The apparatus of example 14, wherein the one or more processors are further configured to identify status data of the status of each of the plurality of potential resources, wherein the one or more processors are configured to determine a resource of the plurality of potential resources that supports the service based on applying the resource selection criteria to the status data.
The apparatus of example 15, wherein the one or more processors are further configured to: obtaining update status data identifying an update status of each of the plurality of potential resources; determining whether the determined resource will continue to support the service based on the updated state data and the resource selection criteria; in response to determining that the determined resource does not continue to support the service, and based on the resource selection criteria and the updated status data, determining an alternate resource that supports the service; converting the high-level configuration data into low-level configuration data specific to the determined replacement resource; and configuring the determined alternate resource with low-level configuration data specific to the determined alternate resource when re-provisioning the service in the network.
The apparatus of example 16, wherein the state data identifies one or more resource metrics and corresponding one or more weights defined using an extensible command set, wherein the resource metrics identify an operational state of a corresponding resource of the plurality of potential resources, and wherein the one or more processors are configured to: applying one or more weights to a respective one of the resource metrics to obtain one or more respective resource loads; and determining resources of the plurality of potential resources that support the service based on applying the resource selection criteria to the resource load.
The apparatus of example 17, wherein the one or more processors are further configured to determine a load characteristic for each of the plurality of potential resources, wherein the one or more processors are configured to determine a resource of the plurality of potential resources that supports the service based on the resource selection criteria and the load characteristics.
Example 18 the apparatus of example 10, further comprising maintaining a commit log data structure by which resources of the plurality of potential resources that have been allocated to support the service are identified.
Example 19 the apparatus of example 18, wherein the commit log data structure indicates that the plurality of potential resources are available to allocate a supporting service, and wherein determining resources comprises determining resources of the plurality of potential resources to support the service based on resource selection criteria and the commit log data.
An example 20. a non-transitory computer-readable storage medium having instructions stored thereon that, when executed, cause one or more processors of a management apparatus to: obtaining a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service; determining resources from the plurality of potential resources that support the service based on resource selection criteria; converting the high-level configuration data into low-level configuration data specific to the determined resource; and configuring the determined resources using low-level configuration data specific to the determined resources when provisioning the service in the network.
Furthermore, any of the specific features set forth in any of the above examples may be combined into a beneficial example of the described technology. That is, any particular feature generally applies to all examples of the techniques described in this disclosure. Various examples of these techniques have been described.
In one or more examples, the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium and executed by a hardware-based processing unit. The computer readable medium may include a computer readable storage medium corresponding to a tangible medium, for example, a data storage medium. A data storage medium may be any available medium that can be accessed by one or more computers or one or more processors to retrieve instructions, code and/or data structures for implementing the techniques described in this disclosure. The computer program product may include a computer-readable medium.
By way of example, and not limitation, such computer-readable storage media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. Computer-readable storage media and data storage media do not include connections, carrier waves, signals, or other transitory media, but rather refer to non-transitory, tangible storage media. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The instructions may be executed by one or more processors, such as one or more Digital Signal Processors (DSPs), general purpose microprocessors, Application Specific Integrated Circuits (ASICs), field programmable logic arrays (FPGAs), or other equivalent integrated or discrete logic circuitry. Thus, the term "processor" as used herein may refer to any of the foregoing structure or any other structure suitable for implementing the techniques described herein. Further, in some aspects, the functionality described herein may be provided in dedicated hardware and/or software modules configured for encoding and decoding, or included in a combined codec. Furthermore, the techniques may be fully implemented in one or more circuits or logic elements.
The techniques of this disclosure may be implemented in a variety of apparatuses or devices, including a wireless handset, an Integrated Circuit (IC), or a set of ICs (e.g., a chipset). Various components, modules, or units are described in this disclosure to emphasize functional aspects of devices configured to perform the disclosed techniques, but do not necessarily require realization by different hardware units. Rather, as noted above, the various units may be combined in a codec hardware unit, or provided by a number of interoperating hardware units (including one or more processors as noted above) and suitable software and/or firmware.
Various aspects of these techniques have been described. These and other aspects of the technology are within the scope of the following claims.

Claims (18)

1. A dynamic intent guarantee method in a computer network, comprising:
obtaining, by a management apparatus, a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service;
obtaining state data identifying a state of each of the plurality of potential resources prior to providing a service in the network;
prior to providing a service in the network, the management device determining resources from a plurality of potential resources that support the service based on applying resource selection criteria to the status data;
converting, by the management apparatus, the high-level configuration data into low-level configuration data for the determined resource; and is provided with
The determined resources are configured by the management device using the low-level configuration data for the determined resources when providing the service in the network.
2. The method of claim 1, wherein the high-level configuration data includes an intent to specify a network service and includes resource selection criteria.
3. The method of any of claims 1 and 2, wherein determining the resource comprises automatically determining a resource from the plurality of potential resources without human intervention and based on the resource selection criteria.
4. The method of any of claims 1 and 2, wherein the high-level configuration data defines resource selection criteria using an extensible command set.
5. The method according to any one of claims 1 and 2, further comprising:
obtaining update status data identifying an update status of each of the plurality of potential resources;
determining whether the determined resource will continue to support the service based on the updated status data and the resource selection criteria;
in response to determining that the determined resource does not continue to support the service, and based on the resource selection criteria and the updated status data, determining an alternate resource that supports the service;
converting the high-level configuration data into low-level configuration data for the determined replacement resource; and is
Configuring the determined alternative resource using the low-level configuration data for the determined alternative resource when the service is re-provisioned in the network.
6. The method according to any one of claims 1 and 2,
wherein the state data identifies one or more resource metrics defined using an extensible command set and corresponding one or more weights,
wherein the resource metrics identify an operational state of respective ones of the plurality of potential resources, and
wherein determining the resource comprises:
applying one or more weights to a respective one of the resource metrics to obtain one or more respective resource loads; and is provided with
Determining resources from the plurality of potential resources that support the service based on applying the resource selection criteria to a resource load.
7. The method of any of claims 1 and 2, further comprising determining a plurality of potential resources based on a device architecture.
8. The method of any of claims 1 and 2, wherein determining resources comprises:
determining one or more of decision variables, goals, and constraints based on the resource selection criteria;
applying one or more of the decision variables, the goal, and the constraint to the plurality of potential resources to determine resources that support the service.
9. A dynamic intent guarantee device in a computer network, comprising:
one or more processors configured to:
obtaining a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting resources from a plurality of potential resources to support the service;
obtaining state data identifying a state of each of the plurality of potential resources prior to providing a service in the network
Determining, prior to providing a service in the network, a resource from a plurality of potential resources that supports the service based on applying the resource selection criteria to the status data;
converting the high-level configuration data into low-level configuration data for the determined resource;
a memory configured to store low-level configuration data for the determined resources; and
an interface through which the determined resource is configured using low-level configuration data for the determined resource when providing the service in the network.
10. The apparatus of claim 9, wherein the high-level configuration data comprises an intent to specify a network service and comprises resource selection criteria.
11. The apparatus according to any one of claims 9 and 10, wherein the one or more processors are configured to automatically determine resources from the plurality of potential resources without human intervention and based on the resource selection criteria.
12. The apparatus according to any of claims 9 and 10, wherein the high-level configuration data defines the resource selection criteria using an extensible command set.
13. The apparatus of any of claims 9 and 10, wherein the one or more processors are further configured to:
obtaining update status data identifying an update status of each of the plurality of potential resources;
determining whether the determined resource will continue to support the service based on the updated status data and the resource selection criteria;
in response to determining that the determined resource does not continue to support the service, and based on the resource selection criteria and the updated status data, determining an alternate resource that supports the service;
converting the high-level configuration data into low-level configuration data for the determined alternate resource; and is
Configuring the determined alternate resource using low-level configuration data for the determined alternate resource when the service is re-provisioned in the network.
14. The apparatus as set forth in claim 9, wherein,
wherein the state data identifies one or more resource metrics defined using an extensible command set and corresponding one or more weights,
wherein the resource metrics identify an operational state of respective ones of the plurality of potential resources, and
wherein the one or more processors are configured to:
applying one or more weights to a respective one of the resource metrics to obtain one or more respective resource loads; and is
Determining resources from the plurality of potential resources that support the service based on applying the resource selection criteria to a resource load.
15. The apparatus of any of claims 9 and 10, wherein the one or more processors are further configured to determine a load characteristic for each of the plurality of potential resources,
wherein the one or more processors are configured to determine resources from the plurality of potential resources to support the service based on resource selection criteria and the load characteristics.
16. The apparatus of any of claims 9 and 10, further comprising maintaining a commit log data structure by which to identify resources of the plurality of potential resources that have been allocated to support the service.
17. The apparatus as set forth in claim 16, wherein,
wherein the commit log data structure indicates that the plurality of potential resources are available to be allocated to support the service, and
wherein determining resources comprises determining resources from the plurality of potential resources that support the service based on the resource selection criteria and the commit log data.
18. A non-transitory computer-readable storage medium having instructions stored thereon that, when executed, cause one or more processors of a management device to:
obtaining a policy comprising high-level configuration data defining a service to be deployed within a network, the high-level configuration data comprising resource selection criteria identifying one or more criteria for selecting a resource from a plurality of potential resources that supports the service;
obtaining state data identifying a state of each of the plurality of potential resources prior to providing a service in the network;
determining, prior to providing a service in the network, a resource from a plurality of potential resources that supports the service based on applying a resource selection criterion to the status data;
converting the high-level configuration data into low-level configuration data for the determined resource; and is
Configuring the determined resources using low-level configuration data for the determined resources when providing the service in the network.
CN201910545102.4A 2018-09-07 2019-06-21 Dynamic intention guarantee method and device in computer network and storage medium Active CN110890976B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210901501.1A CN115250223A (en) 2018-09-07 2019-06-21 Dynamic intention guarantee method and device in computer network and storage medium

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/125,245 2018-09-07
US16/125,245 US11140049B2 (en) 2018-09-07 2018-09-07 Dynamic intent assurance and programmability in computer networks

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202210901501.1A Division CN115250223A (en) 2018-09-07 2019-06-21 Dynamic intention guarantee method and device in computer network and storage medium

Publications (2)

Publication Number Publication Date
CN110890976A CN110890976A (en) 2020-03-17
CN110890976B true CN110890976B (en) 2022-08-19

Family

ID=67220612

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202210901501.1A Pending CN115250223A (en) 2018-09-07 2019-06-21 Dynamic intention guarantee method and device in computer network and storage medium
CN201910545102.4A Active CN110890976B (en) 2018-09-07 2019-06-21 Dynamic intention guarantee method and device in computer network and storage medium

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202210901501.1A Pending CN115250223A (en) 2018-09-07 2019-06-21 Dynamic intention guarantee method and device in computer network and storage medium

Country Status (3)

Country Link
US (2) US11140049B2 (en)
EP (1) EP3620920B1 (en)
CN (2) CN115250223A (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11140049B2 (en) 2018-09-07 2021-10-05 Juniper Networks, Inc. Dynamic intent assurance and programmability in computer networks
US11985023B2 (en) 2018-09-27 2024-05-14 Juniper Networks, Inc. Supporting graphQL based queries on yang based configuration data models
US10904250B2 (en) * 2018-11-07 2021-01-26 Verizon Patent And Licensing Inc. Systems and methods for automated network-based rule generation and configuration of different network devices
CN115051903B (en) * 2019-02-14 2023-08-04 华为技术有限公司 Intent processing method, device and system
US10892952B2 (en) 2019-02-21 2021-01-12 Juniper Networks, Inc. Supporting compilation and extensibility on unified graph-based intent models
US10841182B2 (en) 2019-03-29 2020-11-17 Juniper Networks, Inc. Supporting near real time service level agreements
US10897396B2 (en) 2019-03-29 2021-01-19 Juniper Networks, Inc. Supporting concurrency for graph-based high level configuration models
EP3722944A1 (en) 2019-04-10 2020-10-14 Juniper Networks, Inc. Intent-based, network-aware network device software-upgrade scheduling
US11165647B2 (en) 2019-06-28 2021-11-02 Juniper Networks, Inc. Managing multiple semantic versions of device configuration schemas
US11252025B2 (en) * 2020-04-16 2022-02-15 Juniper Networks, Inc. Model driven configuration management for microservices
US11507351B2 (en) * 2020-05-12 2022-11-22 Vmware, Inc. Intent compiler
WO2021234438A1 (en) * 2020-05-22 2021-11-25 Telefonaktiebolaget Lm Ericsson (Publ) Intent-aware data preservation in edge cloud environments
CN114258035B (en) * 2020-09-19 2023-07-11 华为技术有限公司 Communication method, device and system
US11611474B2 (en) 2020-12-28 2023-03-21 Juniper Networks, Inc. Edge controller with network performance parameter support
CN114172814B (en) * 2021-10-23 2023-02-07 西安电子科技大学 Method for constructing intention-driven satellite network resource management triple-cooperation model and application
CN116032817A (en) * 2021-10-25 2023-04-28 中兴通讯股份有限公司 BGP-intent route receiving method and BGP-intent route advertising method
CN114338484B (en) * 2021-12-29 2024-05-24 中国电信股份有限公司 Optical network performance data fusion acquisition method, device, equipment and storage medium
US20230344714A1 (en) * 2022-04-22 2023-10-26 Microsoft Technology Licensing, Llc Global intent-based configuration to local intent targets
US20230370340A1 (en) * 2022-05-10 2023-11-16 Microsoft Technology Licensing, Llc Intent definition by network analytics for zero touch network management

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030051029A1 (en) * 2001-09-07 2003-03-13 Reedy Dennis G. Dynamic provisioning of sevice components in a distributed system
US20040230681A1 (en) * 2002-12-06 2004-11-18 John Strassner Apparatus and method for implementing network resources to provision a service using an information model
FR2858900B1 (en) * 2003-08-12 2006-01-06 Cit Alcatel PROVIDING RESOURCE RESERVATION SERVICES WITHIN A RESOURCE MANAGEMENT COMMUNICATIONS NETWORK THROUGH POLICY RULES
US7676552B2 (en) * 2004-02-11 2010-03-09 International Business Machines Corporation Automatic provisioning of services based on a high level description and an infrastructure description
US20110010518A1 (en) * 2005-12-19 2011-01-13 Srinivas Kavuri Systems and Methods for Migrating Components in a Hierarchical Storage Network
US7950007B2 (en) * 2006-06-15 2011-05-24 International Business Machines Corporation Method and apparatus for policy-based change management in a service delivery environment
US20070294364A1 (en) * 2006-06-15 2007-12-20 International Business Machines Corporation Management of composite software services
CN101321080B (en) * 2007-06-04 2010-07-28 华为技术有限公司 Method for configuring network appliance, network appliance and network system
US8072977B2 (en) * 2009-03-26 2011-12-06 Verizon Patent And Licensing Inc. System and method for managing network resources and policies in a multicast environment
US20130138798A1 (en) * 2011-11-29 2013-05-30 International Business Machines Corporation Predictive and dynamic resource provisioning with tenancy matching of health metrics in cloud systems
US20130346543A1 (en) * 2012-06-22 2013-12-26 International Business Machines Corporation Cloud service selector
US8966025B2 (en) * 2013-01-22 2015-02-24 Amazon Technologies, Inc. Instance configuration on remote platforms
CN104424265B (en) * 2013-08-29 2018-10-16 北大方正集团有限公司 Digital asset management method and system
US9705815B2 (en) * 2014-06-27 2017-07-11 Juniper Networks, Inc. Graph database for services planning and configuration in network services domain
US10187321B2 (en) 2015-08-19 2019-01-22 Cisco Technology, Inc. Dynamic VPN policy model with encryption and traffic engineering resolution
US10728096B2 (en) 2015-10-02 2020-07-28 Arista Networks, Inc. Dynamic service device integration
US10762062B2 (en) * 2016-04-04 2020-09-01 Xerox Corporation Data governance: change management based on contextualized dependencies
CN108234208A (en) * 2017-12-29 2018-06-29 三盟科技股份有限公司 The visualization load balancing dispositions method and system of resource management based on business
US11140049B2 (en) 2018-09-07 2021-10-05 Juniper Networks, Inc. Dynamic intent assurance and programmability in computer networks

Also Published As

Publication number Publication date
CN110890976A (en) 2020-03-17
CN115250223A (en) 2022-10-28
EP3620920A1 (en) 2020-03-11
EP3620920B1 (en) 2023-03-08
US20200084120A1 (en) 2020-03-12
US11582115B2 (en) 2023-02-14
US11140049B2 (en) 2021-10-05
US20210409291A1 (en) 2021-12-30

Similar Documents

Publication Publication Date Title
CN110890976B (en) Dynamic intention guarantee method and device in computer network and storage medium
CN111756563B (en) Supporting near real-time service level protocols
CN111756564B (en) Method for configuring network, controller device and storage medium
US11640291B2 (en) Intent-based, network-aware network device software-upgrade scheduling
US10200248B1 (en) Translating high-level configuration instructions to low-level device configuration
US11929886B2 (en) Model driven intent policy conflict detection and resolution through graph analysis
US10278112B1 (en) Resolving out-of-band configuration changes to high-level service configuration for managed network devices
US11611474B2 (en) Edge controller with network performance parameter support
US11489724B1 (en) Processing instructions to configure a network device
CN112104473A (en) Programmable configuration templates in a graphics-based intent controller
US11805013B2 (en) Prioritizing policy intent enforcement on network devices
CN114070724A (en) Performing root cause analysis using a programmable resource-dependent mathematical model
US11792069B2 (en) Processing instructions to configure a network device
CN114697207B (en) Edge controller with network performance parameter support
CN115529235A (en) Controller device and method and system for the same
CN115550186A (en) Topology compiler for network management system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: California, USA

Applicant after: Juniper Networks, Inc.

Address before: California, USA

Applicant before: Jungle network

GR01 Patent grant
GR01 Patent grant